Skip to content

Various bug fixes#106

Open
ballesterosa wants to merge 8 commits into
google:mainfrom
ballesterosa:bug-fixes
Open

Various bug fixes#106
ballesterosa wants to merge 8 commits into
google:mainfrom
ballesterosa:bug-fixes

Conversation

@ballesterosa

@ballesterosa ballesterosa commented Jun 30, 2026

Copy link
Copy Markdown
Collaborator

Fixes:

  • missing length check for MinimumTeeTcbSvn that causes uncontrolled slice index panic during SVN validation
  • validation bypass in AnyMrTd policy check due to incorrect handling of an empty slice
  • OOB slice panic due to misplaced OutLen validation
  • memory leak inside quote provider eval

Also adds CGO_ENABLED: 0 to the env in the CI.yml file to pass tests on the macOS runner and brings back reflect instead of cmp since cmp isn't recommended in a non-testing context.

…anic, and add test to verify panic doesn't occur
…tion cannot be bypassed by empty AnyMrTd slice
since a tdxHdr with Status == 0 can still have an invalid Quote size, it can cause an out of bounds panic when slicing tdxHdr.Data
@jessieqliu

Copy link
Copy Markdown
Collaborator

Can you update the description to be more clear about the bugs being fixed? Also minor nit: I don't think the AI scanning needs to be mentioned in the title - the source of finding these bugs is less important than the actual changes being made. If the fixes aren't easily summarized then something like "Various bug fixes" should be fine.

@ballesterosa ballesterosa changed the title Bug fixes from AI vulnerability scanning Various bug fixes Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants